[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: changing framebuffer device owner during login

On Sat, Jun 16, 2001 at 08:24:23PM +0200, Wichert Akkerman wrote:
> Previously Jochen Voss wrote:
> > 1) "pam_console" seems not to be packed for debian.  Maybe it is
> > RedHat specific?  Is there any way to change the owner of den
> > frambuffer devices for console logins, using our current PAM
> > implementation?  And, if possible, shouldn't this be done by default?
> 
> It is RedHat specific, and it is also a security problem as long as
> the kernel does not implement the revoke systemcall.
Which one is the security problem?  The pam_console module,
or changing the owner of /dev/fb0?  And what is the
revoke system call supposed to do?

> > 2) A group "video" does exist in my "/etc/group" file,
> > but the framebuffer device permissions are
> > 
> >     crw--w--w-    1 root     tty       29,   0 May  5  2000 /dev/fb0
> > 
> > Maybe this should be mode "660" and group "video"?
> No, group video is for video-capture devices.
Where can I learn about this?

So my problem remains: how can I setup my system to
use the framebuffer console device as an ordinary user?
Is this possible at all?

Jochen
-- 
                                         Omm
                                      (0)-(0)
http://www.mathematik.uni-kl.de/~wwwstoch/voss/privat.html
Reply to: